Avast WEBforum
Other => Viruses and worms => Topic started by: REDACTED on October 16, 2018, 06:31:50 PM
-
I own domain name propertysend.com. It is falsely marked as a phising website. I have fully scanned it and there is no malware or viruses and all web forms use SSL. Please delist this immediately. I have reported as false positive 3 times over the last 2 days and no action has been taken. I have spent over 2 hours on the phone with your reps.
-
https://www.virustotal.com/#/url/10b06c6b02cb5516acaf85157dc99a05002db4c19ccae530a20ee697c82ea951/detection
-
What does this mean? The Forcepoint says no threats found. https://sitecheck.sucuri.net/results/propertysend.com
-
Wait for an avast team member to give the final verdict on this domain,
as they are the only ones that can come and unblock.
You might however consider to implement patching because of insecurity and/or misconfiguration of your CMS.
Errors and vulnerabilities that I detected going over your website's code,.
We are volunteers here but with relevant knowledge in website security analysis.
Flagged = 1 -> /livezilla/chat.php?a=7c21d is that code known to be clean?
consider: https://aw-snap.info/file-viewer/?protocol=not-secure&ref_sel=GSP2&ua_sel=ff&chk-cache=&fs=1&tgt=cH1dcHt9dHlze24jLl5dbQ%3D%3D~enc
CMS outdated: Word Press version 4.9.3
Outdated plug-ins found: The following plugins were detected by reading the HTML source of the WordPress sites front page.
bb-plugin
logo-carousel-pro
social-pug 1.4.1 latest release (1.5.0) Update required
http://www.devpups.com/social-pug/
strong-testimonials 2.30.2 latest release (2.32) Update required
https://strongplugins.com/plugins/strong-testimonials/
wordpress-seo 7.8 latest release (8.4) Update required
https://yoa.st/1uj
scroll-top 1.0.2 latest release (1.0.3) Update required
https://www.theme-junkie.com/plugins/scroll-top/
Plugins are a source of many security vulnerabilities within WordPress installations, always keep them updated to the latest version available and check the developers plugin page for information about security related updates and fixes.
Warning Directory Indexing Enabled
In the test we attempted to list the directory contents of the uploads and plugins folders to determine if Directory Indexing is enabled. This is an information leakage vulnerability that can reveal sensitive information regarding your site configuration or content.
/wp-content/uploads/ enabled
/wp-content/plugins/ disabled
Directory indexing was tested on the /wp-content/uploads/ and /wp-content/plugins/ directores. Note that other directories may have this web server feature enabled, so ensure you check other folders in your installation. It is good practice to ensure directory indexing is disabled for your full WordPress installation either through the web server configuration or .htaccess.
Max. runtime exceeded for -(script) -www.propertysend.com/wp-content/uploads/bb-plugin/cache/aeac6c180d0466bc0a0ee790734fc565-layout-bundle.js?ver=2.1.5.2-1.2.0.3
See security recommendations here: https://webhint.io/scanner/75aa402e-45d0-445c-b967-56f4d45b08aa
non-secured connectiuon for: -http://www.propertysend.com/livezilla/index.php
Insecure Identifiers: Unique IDs about your web browsing habits have been insecurely sent to third parties.
477ac174d3bd65a294929942d4975c4c -www.propertysend.com
polonus (3rd party cold reconnaissance wesite security analyst and website error-hunter)
-
Hi Polonus,
I do not believe any of these are the problems. Yes, outdated software can create room for exploitation but that has not occurred here. Our site has not been compromised, Securri Monitors it and there are no phishing or malware or viruses anywhere on our site or server. Furthermore, I have already updated wordpress and all plugins within the last 20-30 minutes. And also forced HTTPS on that live chat software. But again, these are not the reason avast was reporting the domain. I updated them just to make sure they are up to date, but no compromises have happened.
-
IP history >> https://www.virustotal.com/#/ip-address/96.127.128.242
Click more button and click listed items for details
It is reported to avast lab, check back tomorrow for possible reply
-
Hi michael1537,
As I said wait for an avast team member and they will decide.
By the way updating and patching outdated CMS kernel and plug-ins is always recommendable i.m.h.o.
Not saying your site is actually being abused at the mo,
but vulnerabilities could get abused in the future.
But wait for an avast team member toi decide your site is good to go and could be unblocked,
polonus
-
Hello,
use https://www.avast.com/false-positive-file-form.php, please
Milos
-
This should be already fixed.
-
I have submitted this URL https://www.avast.com/false-positive-file-form.php several times over the last 48 hours.
This is not fixed. It is still reporting our site as phishing. As I have told your team several times, this hurts our business and is defamatory with no proof we are phishing which we are not.
You guys cannot arbitrary block websites you suspect are phishing without any proof, and then harm those businesses.
-
Here is proof that this is still happening, reported by our own clients who use your avast products.
-
Do a manual avast update and reboot computer ... still same problem?
-
Avast updated & computer rebooted. Here is an updated screenshot. You can see time stamp in bottom right... 2 mins ago. You are still blocking us. Please PM me the proof that your team has that our website is a phishing site, otherwise, remove effective immediately. I consider this defamation. There is nothing wrong with our site.
It will take years to restore client faith that our website is a safe place after the damage you caused.
-
Hi,
please check once again. Nothing on Your domain should be blocked anymore after the next update.
Jirka
-
hello, my domain is marked as pishing...but it´s fake... all the website was checked many times and everthing is welll ... I´d checked in a lot of sites checker looking for pishing, vírus and everthing is ok with my domain...
could you remove my domain from this Avast black list?
https://refugiodocapitao.com.br
-
hello, my domain is marked as pishing...but it´s fake... all the website was checked many times and everthing is welll ... I´d checked in a lot of sites checker looking for pishing, vírus and everthing is ok with my domain...
could you remove my domain from this Avast black list?
https://refugiodocapitao.com.br
Report a false positive (select file or website)
https://www.avast.com/false-positive-file-form.php
Blacklisted
https://www.virustotal.com/gui/url/62d47fad56d7fa76d5ceebab08c2b5eb24f136817708bd23160d1ee57adfaedb/detection
-
hello, my domain is marked as pishing...but it´s fake... all the website was checked many times and everthing is welll ... I´d checked in a lot of sites checker looking for pishing, vírus and everthing is ok with my domain...
could you remove my domain from this Avast black list?
hxxps://refugiodocapitao.com.br
Detection was removed in 31.01.2020 and 03.02.2020 rating has been cleared of Avast Online Security.
Our virus specialists have now cleared its reputation in our database.
With URLs this change should be instant, but it might take up to 24 hours with files.